Top Tweets for #HashDOS

Daily CyberSecurity @the_yellow_fall

11 months ago

OpenJS Foundation released critical Node.js updates patching two high-severity flaws (CVE-2025-27210, CVE-2025-27209) affecting Windows apps, including path traversal bypass and HashDoS. #Nodejs #SecurityUpdate #PathTraversal #HashDoS #CybersecurityAlert https://t.co/7bIFSdx5qh

1

5

3

0

649

Dmitry Chestnykh ☮️ @dchest

over 11 years ago

Cocoa #HashDoS can be exploited and Swift won't help. https://t.co/4SzYhvu566

dchest's tweet photo. Cocoa #HashDoS can be exploited and Swift won't help. https://t.co/4SzYhvu566 http://t.co/PM2AXeTkZm

Dmitry Chestnykh ☮️ @dchest

over 13 years ago

And yes, it works. Reading .plist with 30000 colliding keys takes 43 sec. compared to 0.2 sec without collisions http://t.co/6Fgcz5Wd

0

2

1

0

0

0

5

4

0

0

Dmitry Chestnykh ☮️ @dchest

over 11 years ago

#HashDoS in #Swift https://t.co/d0QB3RdxFx

dchest's tweet photo. #HashDoS in #Swift https://t.co/d0QB3RdxFx http://t.co/OyLCadUP4h

0

4

5

0

0

almost 14 years ago

Effective DoS attacks against Web Application Plattforms – #hashDoS : http://t.co/PBAYWECp #HashTables #fb

0

0

0

0

0

Stefan Esser @i0n1c

about 14 years ago

If I see correctly PHP 5.3.11 will also backport the broken security fix for #HashDOS from PHP 5.4 into the 5.3 tree.

5

0

4

0

0

Stefan Esser @i0n1c

over 14 years ago

No matter if you are running PHP 5.3 or PHP 5.4 you have no #HashDOS protection if you allow RFC1867 file uploads.

1

6

12

0

0

Stefan Esser @i0n1c

over 14 years ago

If you upgrade to PHP 5.4 and use mbstring.encoding_translation you have NO protection against CVE-2011-4885 #HashDOS

1

5

14

0

0

Stefan Esser @i0n1c

over 14 years ago

Actually I am wrong just found an even earlier mail to [email protected] from 20.05.2004 reporting #HashDOS

1

4

3

0

0

Stefan Esser @i0n1c

over 14 years ago

Remember the nruns #HashDOS advisory? I just found the original notification email to [email protected] from 2005 - http://t.co/gGJTCueU

0

1

5

0

0

Stefan Esser @i0n1c

over 14 years ago

I guess in the days of #HashDOS and unpatched PHP servers it should be no problem fro anonymous to take down a lot of websites.

6

7

22

0

0

over 14 years ago

Anyone recall the URL of that page which launched a JavaScript #hashdos attack against a PHP site based on the URL entered? All client side.

0

0

0

0

0

Stefan Esser @i0n1c

over 14 years ago

I should propose the following #HashDOS fix on the internals mailinglist: if emalloc() is called 31337 times exit with fatal error

0

1

3

0

0

over 14 years ago

Right, I've now seen #hashdos in all it's glory. 5 simultaneous threads of the 4MB payload and it's "lights out" https://t.co/6hdSEpMJ

0

2

1

0

0

Akamai Technologies @Akamai

over 14 years ago

For further information about protecting against #hashdos, customers should reference the advisory messages posted to the Akamai Portal.

0

0

4

0

0

KIRIK protocol @kirik_protocol

over 14 years ago

Cryptanalysis » Effective DoS attacks against Web Application Plattforms – #hashDoS [UPDATE3] http://t.co/WzeTG5dg

0

5

6

0

0

over 14 years ago

@talking_biscuit I added some info to the #hashdos scan report under a bold "Important" heading. See what you think http://t.co/UeVXXF7v

3

0

0

0

0

over 14 years ago

Looks like MVC pages not accessing the Request.Form object can't test for the #hashdos patch by posting > 1000 params. Any other ideas?

0

0

1

0

0

over 14 years ago

The #hashdos situation provides a good opportunity to see how efficient hosts are. How many will takes days or weeks to apply the patch?

0

0

2

0

0

over 14 years ago

Watching the @ASafaWeb logs, most sites *do not* have the #hashdos patch applied yet; does yours? http://t.co/iDmXB2qu

0

0

2

0

0

over 14 years ago

I've just finished the @ASafaWeb scan for the #hashdos patch for ASP.NET - writing up a post then publishing all shortly...

1

0

1

0

0

Last Seen Hashtags on Sotwe

Trends for you

Most Popular Users